Package: xulrunner Version: 1.9.1.5-2 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xulrunner.
CVE-2008-5913[0]: | An unspecified function in the JavaScript implementation in Mozilla | Firefox creates and exposes a "temporary footprint" when there is a | current login to a web site, which makes it easier for remote | attackers to trick a user into acting upon a spoofed pop-up message, | aka an "in-session phishing attack." NOTE: as of 20090116, the only | disclosure is a vague pre-advisory with no actionable information. | However, because it is from a well-known researcher, it is being | assigned a CVE identifier for tracking purposes. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5913 http://security-tracker.debian.org/tracker/CVE-2008-5913 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

